-1

我在一个函数中对 $result 进行了编码,并尝试解码并匹配另一个函数中的条件。这是代码:

function postOperation(){
    include("function/db.php");
        $name = $_POST['name'];
        $mfsname = $_POST['mfsname'];
        $mfsnumber = $_POST['mfsnumber'];
        $amount = $_POST['amount'];
        $pin_no = $_POST['pinno'];

        $insert_info = "insert into table_name(name, mfs_name, mfs_number, amount, pin_no) 
        values('$name', '$mfsname', '$mfsnumber', '$amount', '$pin_no')";

        $success=0;
        $insert_final = mysqli_query($conn,$insert_info);
        if($insert_final){
           $success=1;
           $result["success"]=$success;
        }
        json_encode($result);
}

function getOperation(){
        $array = json_decode($result, true);
        if($array["success"] == 1){
           echo "<script>alert('Transaction successful!')</script>";
        }

}
4

1 回答 1

0

有一些逻辑错误

$success=0; $result["success"]=$success; //I have added this line

并添加了一个return json_encode($result);

查看完整代码:

function postOperation(){
        include("function/db.php");

        $name = $_POST['name'];
        $mfsname = $_POST['mfsname'];
        $mfsnumber = $_POST['mfsnumber'];
        $amount = $_POST['amount'];
        $pin_no = $_POST['pinno'];

        $stmt = mysqli_prepare("insert into table_name(name, mfs_name, mfs_number, amount, pin_no) values(?, ?, ?, ?, ?)");
        mysqli_stmt_bind_param($stmt, "ssiii", $name, $mfsname, $mfsnumber, $amount, $pin_no);

        $success=0;
        $result["success"]=$success; 
        if(mysqli_stmt_execute($stmt)){
           $success=1;
           $result["success"]=$success;
        }

        return json_encode($result);
}

function getOperation($result){
        $array = json_decode($result, true);
        if($array["success"] == 1){
           echo "<script>alert('Transaction successful!')</script>";
        }

}

请在对 $_POST 变量的一些值进行硬编码后测试上述函数。然后像下面这样调用这些函数:-

$result = postOperation(); 
getOperation($result);

还有一件重要的事情:你的 sql 语句不安全。会有SQL注入 请参考链接:如何避免SQL注入

于 2020-03-04T07:23:36.007 回答